[Freeipa-users] 4.1.4 and OTP

Janelle janellenicole80 at gmail.com
Fri Apr 17 20:52:09 UTC 2015 

On 4/17/15 1:19 PM, Dmitri Pal wrote:
> On 04/17/2015 01:20 PM, Janelle wrote:
>> On 4/17/15 9:53 AM, Dmitri Pal wrote:
>>> On 04/17/2015 11:16 AM, Janelle wrote:
>>>> Hi,
>>>>
>>>> Is anyone else having issues with OTP since upgrading? For the life 
>>>> of me I can't get it to accept "Sync" for the tokens. No matter 
>>>> what is put in, it just keeps saying the username, password or 
>>>> tokens entered  are incorrect.
>>>>
>>>> To make it simple - I am tryign this on a brand new CentOS 7.1 
>>>> system with a clean/fresh install of FreeIPA 4.1.4 and yet it just 
>>>> refuses to work.
>>>>
>>>> I create a user -- configure them. They work just fine with a 
>>>> password. Then add a token. Sync with FreeOTP and that all works. 
>>>> Then going back to the web UI and do Sync OTP and it simply refuses 
>>>> to accept any values. And yet the same user can login to the 
>>>> regular web UI with their password.
>>>>
>>>> I have tried setting the user to both Password and OTP for auth 
>>>> methods. And also just OTP and nothing works.
>>>
>>> Please look in the logs to see what is going on.
>>> You would need to look at the KDC, http and DS logs on the server to 
>>> sort out what is going on.
>>>
>>> Do you change the password for the user first after creating him?
>>>
>>> Can you reproduce the problem with demo instance?
>>> http://www.freeipa.org/page/Demo
>>> If you can then we can take a look at the logs right away.
>>> Hints? Am I missing  a step?
>>>
>>> ~J
>>>
>> It appears to be the UI. If I go through the steps and let it "fail", 
>> I can still login using OTP to servers. I made the assumption that 
>> the error itself was not an error.. :-)
>>
>> ~J
>>
> I am not sure I get what you are saying. Do you still see the problem 
> or you misinterpreted the UI and now the problem is gone? If you did 
> is there any recommendation how to improve the UI not to confuse people?
>
The problem exists -- this is what it shows:
HOWEVER, it is still WORKING. Meaning, even if you get this error, if 
you attempt to login with your FreeOTP token, it WORKS.

~J


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150417/800eaf67/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ibghicgh.
Type: image/png
Size: 33523 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150417/800eaf67/attachment.png>

More information about the Freeipa-users mailing list